AVG has launched free security software for Mac OS X, which includes tools for Safari and Firefox. AVG's CEO, JR Smith, says, "Mac users have traditionally been less vulnerable to attacks because of their lower market share, but that is quickly changing." This raises the age-old question: to what extent is the scourge of malware on Windows a symptom of Microsoft's sloppy security decisions, and to what extent is it due to Windows' popularity and the fact that malware authors can get "more bang for their buck" targeting the most popular platform?

Less market share may mean less effective blanket attacks but a targeted attack will always be tailored to the user and/or OS. I personally think antivirus and antimalware for OS X can't come fast enough. Get on top of what is already out there and enabled by Apple's questionable update policy. Even if it doesn't target one's OS X machine, detect everything so as not to be an immune carrier passing on malware to systems that are affected by it.

If it's got a network connection, it's under attack, all day and every day. Be responsible and help filter out what you can.

For us *nix-based system users: SSH brute force is on the rise again. Do you have your firewall in place and strong passwords, if not certificate authentication only?

FTP? F no... anything I can do to purge cleartext protocols from my systems. Doesn't stop others from using them though, or leaving themselves open to SSH exploitation because of the misperception of "I'm invulnerable".

These days any manual attack is going to scan ports and find your SSH off port 22. Automated malware will also be smart enough to discover services away from standard ports. I can't personally put any value in this kind of obscurity.

Now, the firewall rules, allow specific users and such I'm all about as real security mechanisms. Unless you're one of the few accepted IPs, port 22 does not exist. And certificate login; disable the password after ssh-copy-id or move the certificate manually. I can't build a *nix system without SSH and still wish Microsoft would provide a native daemon rather than the third party stuff. I'd love to just ssh in behind a user and do my work without having them interrupted.

Bastille and PSAD are a must also. I'd like to see the Bastille package for Debian Squeeze tuned up for use. It may actually be working now as the last time I tried it was over a year ago. At the time, it chewed the system and sent me back to my clean install and build script.
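
The SSH hardening discussed in the comments above (passwords disabled after key setup, logins limited to specific users), as an added example that is not part of any commenter's post: a small audit of `sshd_config` text. The function name `audit_sshd_config` and both sample configurations are constructed for illustration; it assumes whitespace-separated directives and does not follow Include files or evaluate Match conditions.

```python
# Added example (not from the thread): audit sshd_config text for key-only login.
# Assumes whitespace-separated "Keyword value" lines; Include files are not
# followed and Match blocks are flagged, not evaluated.
DEFAULTS = {"passwordauthentication": "yes",          # OpenSSH built-in defaults
            "kbdinteractiveauthentication": "yes",
            "pubkeyauthentication": "yes"}
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}
PASSWORD_KEYS = ("passwordauthentication", "kbdinteractiveauthentication")

def audit_sshd_config(text):
    """Return (effective global settings, list of findings)."""
    settings, findings, in_match, restricted = {}, [], False, False
    for raw in text.splitlines():
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        value = parts[1].lower() if len(parts) > 1 else ""
        if key == "match":
            in_match = True
        elif in_match:
            if key in PASSWORD_KEYS and value == "yes":
                findings.append(f"{key} re-enabled inside a Match block")
        elif key in ("allowusers", "allowgroups"):
            restricted = True
        elif key in DEFAULTS and key not in settings:
            settings[key] = value      # sshd keeps the first value it reads
        elif key in DEFAULTS and value != settings[key]:
            findings.append(f"later '{key} {value}' is ignored, "
                            f"'{settings[key]}' was read first")
    effective = {**DEFAULTS, **settings}
    for key in PASSWORD_KEYS:
        if effective[key] != "no":
            findings.append(f"{key} is '{effective[key]}': password prompts may still be offered")
    if effective["pubkeyauthentication"] != "yes":
        findings.append("pubkeyauthentication is off: key login will fail")
    if not restricted:
        findings.append("no AllowUsers/AllowGroups: logins are not limited to named accounts")
    return effective, findings

# Constructed sample configurations.
HARDENED = "PasswordAuthentication no\nKbdInteractiveAuthentication no\nAllowUsers alice\n"
SHADOWED = ("PasswordAuthentication yes\nChallengeResponseAuthentication no\n"
            "PasswordAuthentication no\n"
            "Match Address 192.0.2.0/24\n    PasswordAuthentication yes\n")

if __name__ == "__main__":
    for name, cfg in (("hardened", HARDENED), ("shadowed", SHADOWED)):
        print(name, audit_sshd_config(cfg)[1])
```

The second sample shows the case that is easy to miss: a `PasswordAuthentication no` appended below an earlier `yes` has no effect, because sshd uses the first value it reads for each keyword.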

I think the link scanning's best use has nothing to do with platform native malware. Cross site scripting and/or cross site request forgery is by far the easier and more lucrative exploit channel these days. I'm guessing many of the sites that are banned are just known sites with dangerous JavaScript.

I am SOOOO tired of the worn out excuse about market share meaning lower targets. Let's try ... a lesser target because of difficulty in writing and infecting a specific platform. If Mac users are diligent in checking their firewalls, passwords etc. and learning how to keep their system locked down, then viruses are less likely to penetrate the Mac WITHOUT user interaction... give the program your admin password, not likely. They didn't mention the only known viruses in the wild were socially engineered and didn't infect the Mac without that interaction. ALL computer systems are vulnerable and not all Mac users are totally stupid. Most of us do keep tabs on this stuff but so far the sky hasn't fallen. Until it does I'll just keep being careful and NOT give all my money to anti virus companies. ALL of the PCs I "disinfect" were infected without ANY idea of the user and thru McAfee, Nortons and AVG. Lots of money was spent on these programs and they DIDN'T help. Now let's say, welcome to the real world!

I agree that there is the bang of buck concept with Windows, but Mac users in general have been more affluent. You'd think that since one in 20 users (or 10) buy a mac, one in 20 malwares should be written for OS X. It's quite an unspoiled market after all. But this isn't the case. In fact, Mac malwares are disproportionately few. Does this have something to do with OS X's underlying architecture that makes writing a malware more difficult (not impossible; although Pwn2Own contradicts this)? If malwares for OS X are imminent, would it be better for Apple to write an anti-malware application (similar to Microsoft Security Essentials for Windows)?

You'd think that since one in 20 users (or 10) buy a mac, one in 20 malwares should be written for OS X. It's quite an unspoiled market after all.

That's only for the US and some parts of Europe though.

Windows users are also more likely to have updates turned off which makes them a better target. A big part of this has to do with all the pirated installs.

Malware writers don't even have to look for new exploits in Windows when they can use existing ones. It's not just about market share, there is also the question of how much effort is required to leverage that market share. As I have pointed out before there are plug-n-play hack kits for Windows exploits.

Windows users are also more likely to have updates turned off which makes them a better target. A big part of this has to do with all the pirated installs.

Another mention: I consciously disabled the updates for some time. Because I have a Parrot DS 3120 bluetooth audio system that, as I discovered, can act as a remote control using a certain bluetooth profile. One day in January, my Vista SP1 refused to start: BSOD, reboot, BSOD, etc.

The problem was caused by a driver for the bluetooth remote control profile installed by Windows Update in the automatic install mode. That driver was impossible to remove from the Windows driver cache to the point that I had to reformat the system disk since, as I discovered, some filesystem folders can't be modified even by an admin user. System restoration didn't help: Vista reinstalled the latest drivers from its cache. I recovered the system, turned the wifi connection off before disabling the updates for some time.

There have been at least two other instances in the past six months when Windows Update would have automatically installed driver updates (Realtek Ethernet Gigabit and NVidia card) which, after searching for the appropriate documentation on the web, were not suited to my specific system!

The worst in Windows Update is that such updates come without any documentation about what's new or fixed. Even the links provided in the sidebar lead to a "windows hardware qualification" (or similar, don't remember the exact wording) website which is, quite obviously, for affiliated manufacturers or OEMs. Totally useless; that's something that should be copied from the Apple and Linux worlds.

Let's answer a question with a question: What would be better, getting the information for 1/20 users or getting the information for the other 19? Put it another way: Which is more, five people with a thousand dollars or 200 people with 50 dollars?

Just want to mention that Microsoft Security Essentials is not the exemplary light-on-resources app I heard it was. It ate a good 200 MB on an XP SP3 laptop with 512 MB. I couldn't launch any browser with half a dozen tabs without swapping coming into play. I had to revert to Antivir.
The irony is that most of that memory was used by Windows Defender... which, when uninstalled, prevented MSSE from running.

Apple have to recognize that computer security *is* an issue and update their security model to the latest standards. No antivirus will do the job for them, they will just help worsen performance and battery life of the macs up to the point where they act like Windows PCs.

But since Apple benefit much more from iDevices, I bet that they won't be doing anything about the security issue. To the contrary, they'll help Mac security to sink even further, coding malware themselves if they need to. Then they'll use it as an argument to tell people that they should upgrade to the latest 15" iPad Sun, which runs iOS-optimized versions of all the Mac apps they're used to...

Apple have to recognize that computer security *is* an issue and update their security model to the latest standards.

What are these standards and how different is the Mac model from them?

No antivirus will do the job for them, they will just help worsen performance and battery life of the macs up to the point where they act like Windows PCs.

No need for that. Snow Leopard served that purpose very well: my MacBook Pro is so much slower that if I weren't leaving my job (and that professional laptop) in the coming days, I would go back to 10.5.8. The speed increase that had been advertised was... not present.

To the contrary, they'll help Mac security to sink even further, coding malware themselves if they need to.

What are these standards and how different is the Mac model from them?

Sorry, I somehow forgot something when I typed this, probably because I was very tired this morning. It's not about written, ISO-like standards in security like the ones you see in the military world, but about quality standards. I forgot the quality world.

Today, a good OS must have automatic security updates (caution: only the security-oriented ones. No new features, they break things and make the user disable updates altogether.) and firewall on as a default setting. There must also be some kind of capability-based security (like on Android's Market or with AppArmor if I understand well how the former works) including minimal user data protection, phishing protection in Safari, and spoofing prevention in system windows like the Ctrl+Alt+Del in login windows of Windows since 2K...

"No antivirus will do the job for them, they will just help worsen performance and battery life of the macs up to the point where they act like Windows PCs.

No need for that. Snow Leopard served that purpose very well: my MacBook Pro is so much slower that if I weren't leaving my job (and that professional laptop) in the coming days, I would go back to 10.5.8. The speed increase that had been advertised was... not present. "
Really? I thought that at least the speed improvement worked as advertised according to some reviews... Looks like I should read more Mac-oriented news, even though I feel that there's already more than enough Macs in my house and around.
Well, then the "help" word in my original post takes an interesting new sense ^^

"To the contrary, they'll help Mac security to sink even further, coding malware themselves if they need to.

Hilarious. "
You know, I wrote that as a joke, but it's one of the oldest forms of conspiracy theory in the security world to suspect security professionals of creating malware themselves to make themselves useful.

And as much as my scientific instinct tells me that unfalsifiable theories are bad, I can't help but think that it really could be true...

But since Apple benefit much more from iDevices, I bet that they won't be doing anything about the security issue.

What security issue? AVG is just spreading FUD and trying to sell something that nobody needs. Mac market share continues to grow and yet there's next to no malware for it in the wild.

On another note, antiviruses, as security measures go, are a completely stupid approach. Maintaining blacklists is a never-ending game of catch-up with the malware. And always losing. And becoming dependent on the antivirus vendor's updates. It was a good idea back 20 years when there were a couple hundred viruses around. Now that there are tens of millions and growing exponentially... not so much.

Thanks but no thanks. If Apple ever decides they need stronger security measures I hope they'll go with something like AppArmor from Linux rather than the braindead antivirus idea from Windows. (That is, if they don't already have something like that in place.)

Even if you believe the hype, do yourself a favour and do not get AVG but a real AV-scanner.
It's not bad, but in this business being average is not good enough. It only takes one shot to slip past the goalie, and that's it. When still on Windows all these years ago I was almost anal about updating the database, still got infected with no less than 3 different Trojans. Releasing updates just once or twice a week is not good enough. Not able to scan deep into compressed files is not good enough.
Do your research and get a good AV scanner that deserves your money. It's the one piece of software I have no problem paying for. And, as often in life, the best are not even the most expensive.